Início /
Firewall e Segurança
🔥 Firewall e Segurança
Configuração do firewall, desativar protocolos desnecessários e proteção de credenciais
🛡️ Regras do Firewall
Desativar Regras de Apps Desnecessárias
Desactivar reglas de apps de Windows powershell
netsh advfirewall firewall set rule group="Connect" new enable=no
netsh advfirewall firewall set rule group="Contact Support" new enable=no
netsh advfirewall firewall set rule group="Cortana" new enable=no
netsh advfirewall firewall set rule group="DiagTrack" new enable=no
netsh advfirewall firewall set rule group="Feedback Hub" new enable=no
netsh advfirewall firewall set rule group="Microsoft Photos" new enable=no
netsh advfirewall firewall set rule group="OneNote" new enable=no
netsh advfirewall firewall set rule group="Remote Assistance" new enable=no
netsh advfirewall firewall set rule group="Windows Spotlight" new enable=noBloquear Porta 445 (SMB)
Bloquear porta SMB powershell
netsh advfirewall firewall add rule name=deny445 dir=in action=block protocol=TCP localport=445Configurar Perfis do Firewall
Habilitar firewall e desabilitar regras locais powershell
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True -AllowLocalFirewallRules False🚭 Desativar Protocolos de Rede
NetBIOS
Desativar NetBIOS/LMHOSTS powershell
New-ItemProperty -Force -Path "HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" -Name "EnableLMHOSTS" -PropertyType DWord -Value 0Adaptadores de Rede Desnecessários
Desativar componentes de rede powershell
# Pacer (QoS)
Disable-NetAdapterBinding -Name "*" -ComponentID "ms_pacer"
# SMB Server
Disable-NetAdapterBinding -Name "*" -ComponentID "ms_server"
# LLDP
Disable-NetAdapterBinding -Name "*" -ComponentID "ms_lldp"
# LLTD
Disable-NetAdapterBinding -Name "*" -ComponentID "ms_lltdio"
Disable-NetAdapterBinding -Name "*" -ComponentID "ms_rspndr"IPv6
Desativar IPv6 powershell
Disable-NetAdapterBinding -Name "*" -ComponentID "ms_tcpip6"
New-ItemProperty -Force -Path "HKLM:\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters" -Name "DisabledComponents" -PropertyType DWord -Value 0xFFFFFFFFSMBv1
Desativar SMBv1 no registro powershell
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name SMB1 -Value 0 Desativar compartilhamento de arquivos e impressoras powershell
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=no🔐 Proteção de Credenciais
Credential Hardening
Configurar políticas de tokens powershell
Set-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name LocalAccountTokenFilterPolicy -Value 0
Set-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name FilterAdministratorToken -Value 1
Set-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name EnableLUA -Value 1Cleartext Password Protection
Proteger senhas em texto plano powershell
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest -Name UseLogonCredential -Value 0
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Lsa -Name TokenLeakDetectDelaySecs -Value 30⚠️
⚠️ Importante
- SMB: Desativar SMB pode afetar compartilhamento de arquivos na rede local
- IPv6: Só desative se você não usa
- Firewall: Certifique-se de estar atrás de um roteador NAT
- Reiniciar: Reinicie o Windows para aplicar alterações